diff --git a/backend/app/Http/Controllers/Api/AuthenticationTrait.php b/backend/app/Http/Controllers/Api/AuthenticationTrait.php
index 447641df..bb72f283 100644
--- a/backend/app/Http/Controllers/Api/AuthenticationTrait.php
+++ b/backend/app/Http/Controllers/Api/AuthenticationTrait.php
@@ -26,12 +26,7 @@ trait AuthenticationTrait {
 if ($this->getGuard() == 'children') {
 Validator::extend('tel_size', function ($attribute, $value, $params, $validator) {
- try {
- return strlen((string)$value) == 10 || strlen((string)$value) == 11;
- } catch (\Throwable $e) {
- Log::critical($e->getMessage());
- return false;
- }
+ return $this->telsize($value);
 });
 }
diff --git a/backend/app/Http/Controllers/Api/ChildrenController.php b/backend/app/Http/Controllers/Api/ChildrenController.php
index 17fc5b57..1cdffa90 100644
--- a/backend/app/Http/Controllers/Api/ChildrenController.php
+++ b/backend/app/Http/Controllers/Api/ChildrenController.php
@@ -32,12 +32,7 @@ class ChildrenController extends Controller {
 public function registerTemporary (Request $r) {
 // 電話番号の文字数。
 Validator::extend('tel_size', function ($attribute, $value, $params, $validator) {
- try {
- return strlen((string)$value) == 10 || strlen((string)$value) == 11;
- } catch (\Throwable $e) {
- Log::critical($e->getMessage());
- return false;
- }
+ return $this->telsize($value);
 });
 $validate = Validator::make($r->all(), [
@@ -54,7 +49,7 @@ class ChildrenController extends Controller {
 return ['status_code' => 400, 'error_messages' => ['既に使用されている電話番号です。']];
 }
- $token = bin2hex(random_bytes(8));
+ $token = bin2hex(random_bytes(24));
 $create = [
 'type' => 0,
 'tel' => $r->tel,
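Review bot: The closure now calls `$this->telsize($value)`, but nothing in AuthenticationTrait declares that method; it resolves only because the host class extends Controller, where this commit defines it, so a class that uses the trait without that base class fails at validation time instead of at load. Adding `abstract public function telsize($value);` to the trait makes the requirement explicit. The same closure body is substituted in ChildrenController (@@ -32, @@ -453) and FathersController (@@ -121, @@ -390), whose hosts are Controller subclasses, so no declaration is needed there. Separately, `telsize` only compares `strlen` of the cast value, so unless another rule in the same `Validator::make` call restricts the characters, any 10- or 11-byte string satisfies `tel_size`; the enclosing method starts before this hunk.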
@@ -104,28 +99,12 @@ KIKI承知システムを使って「聞いてない!」「言ってない!
 // ファイルサイズは10MiB以内
 Validator::extend('image_size', function ($attribute, $value, $params, $validator) {
- try {
- if (is_null($value)) return true;
- return strlen($value) < env('PDF_MAX_SIZE');
- } catch (\Throwable $e) {
- Log::critical($e->getMessage());
- return false;
- }
+ return $this->imagesizecannull($value);
 });
-
+
 // ミームタイプ
 Validator::extend('image_meme', function ($attribute, $value, $params, $validator) {
- try {
- if (is_null($value)) return true;
- return (
- mime_content_type($value) == 'image/jpeg' || // jpg
- mime_content_type($value) == 'image/png' || // png
- mime_content_type($value) == 'image/gif' // gif
- );
- } catch (\Throwable $e) {
- Log::critical($e->getMessage());
- return false;
- }
+ return $this->imagememecannull($value);
 });
 $validate = Validator::make($r->all(), [
@@ -187,12 +166,7 @@ KIKI承知システムを使って「聞いてない!」「言ってない!
 public function requestPassword (Request $r) {
 // 電話番号の文字数。
 Validator::extend('tel_size', function ($attribute, $value, $params, $validator) {
- try {
- return strlen((string)$value) == 10 || strlen((string)$value) == 11;
- } catch (\Throwable $e) {
- Log::critical($e->getMessage());
- return false;
- }
+ return $this->telsize($value);
 });
 $validate = Validator::make($r->all(), [
@@ -209,7 +183,7 @@ KIKI承知システムを使って「聞いてない!」「言ってない!
 return ['status_code' => 400, 'error_messages' => ['電話番号が未登録です。入力した情報を確認してください。']];
 }
- $token = bin2hex(random_bytes(8));
+ $token = bin2hex(random_bytes(24));
 $create = [
 'type' => 1,
 'child_id' => $result->id,
@@ -386,26 +360,12 @@ KIKI承知システムを使って「聞いてない!」「言ってない!
 // ファイルサイズは10MiB以内
 Validator::extend('image_size', function ($attribute, $value, $params, $validator) {
- try {
- return strlen(base64_decode($value)) < env('PDF_MAX_SIZE');
- } catch (\Throwable $e) {
- Log::critical($e->getMessage());
- return false;
- }
+ return $this->imagesize($value);
 });
 // ミームタイプ
 Validator::extend('image_meme', function ($attribute, $value, $params, $validator) {
- try {
- return (
- mime_content_type($value) == 'image/jpeg' || // jpg
- mime_content_type($value) == 'image/png' || // png
- mime_content_type($value) == 'image/gif' // gif
- );
- } catch (\Throwable $e) {
- Log::critical($e->getMessage());
- return false;
- }
+ return $this->imagememe($value);
 });
 // バリデーションエラー
@@ -453,12 +413,7 @@ KIKI承知システムを使って「聞いてない!」「言ってない!
 // 電話番号の文字数。
 Validator::extend('tel_size', function ($attribute, $value, $params, $validator) {
- try {
- return strlen((string)$value) == 10 || strlen((string)$value) == 11;
- } catch (\Throwable $e) {
- Log::critical($e->getMessage());
- return false;
- }
+ return $this->telsize($value);
 });
 // バリデーションエラー
diff --git a/backend/app/Http/Controllers/Api/FathersController.php b/backend/app/Http/Controllers/Api/FathersController.php
index ffe1f2d6..9e595748 100644
--- a/backend/app/Http/Controllers/Api/FathersController.php
+++ b/backend/app/Http/Controllers/Api/FathersController.php
@@ -49,7 +49,7 @@ class FathersController extends Controller {
 return ['status_code' => 400, 'error_messages' => ['メールアドレスが未登録です。入力した情報を確認してください。']];
 }
- $token = bin2hex(random_bytes(8));
+ $token = bin2hex(random_bytes(24));
 $create = [
 'type' => 1,
 'father_id' => $result->id,
@@ -98,7 +98,7 @@ class FathersController extends Controller {
 return ['status_code' => 400, 'error_messages' => ['入力したメールアドレスは既に登録済みです。同じメールアドレスは使用できません。']];
 } else {
- $token = bin2hex(random_bytes(8));
+ $token = bin2hex(random_bytes(24));
 $create = ['email' => $r->email, 'token' => $token, 'ttl' => date('Y-m-d H:i:s', time()+env('TTL_SEC'))];
 try {
@@ -121,38 +121,17 @@ class FathersController extends Controller {
 public function registerMain (Request $r) {
 // 電話番号の文字数。
 Validator::extend('tel_size', function ($attribute, $value, $params, $validator) {
- try {
- return strlen((string)$value) == 10 || strlen((string)$value) == 11;
- } catch (\Throwable $e) {
- Log::critical($e->getMessage());
- return false;
- }
+ return $this->telsize($value);
 });
 // ファイルサイズは10MiB以内
 Validator::extend('image_size', function ($attribute, $value, $params, $validator) {
- try {
- if (is_null($value)) return true;
- return strlen($value) < env('PDF_MAX_SIZE');
- } catch (\Throwable $e) {
- Log::critical($e->getMessage());
- return false;
- }
+ return $this->imagesizecannull($value);
 });
-
+
 // ミームタイプ
 Validator::extend('image_meme', function ($attribute, $value, $params, $validator) {
- try {
- if (is_null($value)) return true;
- return (
- mime_content_type($value) == 'image/jpeg' || // jpg
- mime_content_type($value) == 'image/png' || // png
- mime_content_type($value) == 'image/gif' // gif
- );
- } catch (\Throwable $e) {
- Log::critical($e->getMessage());
- return false;
- }
+ return $this->imagememecannull($value);
 });
 $validate = Validator::make($r->all(), [
@@ -309,26 +288,12 @@ class FathersController extends Controller {
 // ファイルサイズは10MiB以内
 Validator::extend('image_size', function ($attribute, $value, $params, $validator) {
- try {
- return strlen(base64_decode($value)) < env('PDF_MAX_SIZE');
- } catch (\Throwable $e) {
- Log::critical($e->getMessage());
- return false;
- }
+ return $this->imagesize($value);
 });
 // ミームタイプ
 Validator::extend('image_meme', function ($attribute, $value, $params, $validator) {
- try {
- return (
- mime_content_type($value) == 'image/jpeg' || // jpg
- mime_content_type($value) == 'image/png' || // png
- mime_content_type($value) == 'image/gif' // gif
- );
- } catch (\Throwable $e) {
- Log::critical($e->getMessage());
- return false;
- }
+ return $this->imagememe($value);
 });
 // バリデーションエラー
@@ -390,12 +355,7 @@ class FathersController extends Controller {
 // 電話番号の文字数。
 Validator::extend('tel_size', function ($attribute, $value, $params, $validator) {
- try {
- return strlen((string)$value) == 10 || strlen((string)$value) == 11;
- } catch (\Throwable $e) {
- Log::critical($e->getMessage());
- return false;
- }
+ return $this->telsize($value);
 });
 // バリデーションエラー
diff --git a/backend/app/Http/Controllers/Api/MeetingImagesController.php b/backend/app/Http/Controllers/Api/MeetingImagesController.php
index dfb9b857..c3397c67 100644
--- a/backend/app/Http/Controllers/Api/MeetingImagesController.php
+++ b/backend/app/Http/Controllers/Api/MeetingImagesController.php
@@ -22,26 +22,12 @@ class MeetingImagesController extends Controller {
 // ファイルサイズは10MiB以内
 Validator::extend('image_size', function ($attribute, $value, $params, $validator) {
- try {
- return strlen(base64_decode($value)) < env('PDF_MAX_SIZE');
- } catch (\Throwable $e) {
- Log::critical($e->getMessage());
- return false;
- }
+ return $this->imagesize($value);
 });
 // ミームタイプ
 Validator::extend('image_meme', function ($attribute, $value, $params, $validator) {
- try {
- return (
- mime_content_type($value) == 'image/jpeg' || // jpg
- mime_content_type($value) == 'image/png' || // png
- mime_content_type($value) == 'image/gif' // gif
- );
- } catch (\Throwable $e) {
- Log::critical($e->getMessage());
- return false;
- }
+ return $this->imagememe($value);
 });
 // バリデーションエラー
diff --git a/backend/app/Http/Controllers/Api/MeetingsController.php b/backend/app/Http/Controllers/Api/MeetingsController.php
index 20f287ca..3883dfe0 100644
--- a/backend/app/Http/Controllers/Api/MeetingsController.php
+++ b/backend/app/Http/Controllers/Api/MeetingsController.php
@@ -27,67 +27,18 @@ class MeetingsController extends Controller {
 // ファイルサイズは10MiB以内
 Validator::extend('image_size', function ($attribute, $value, $params, $validator) {
- try {
- $ok = true;
- foreach (json_decode($value) as $v) {
- if (strlen(base64_decode($v)) > env('PDF_MAX_SIZE')) {
- $ok = false;
- }
- }
- return $ok;
- } catch (\Throwable $e) {
- Log::critical($e->getMessage());
- return false;
- }
+ return $this->imagesizemulti($value);
 });
 // ミームタイプ
 //// 画像
 Validator::extend('image_meme', function ($attribute, $value, $params, $validator) {
- try {
- $ok = true;
- foreach (json_decode($value) as $v) {
- if (substr($v, -5) == '.jpeg' || substr($v, -4) == '.jpg' || substr($v, -4) == '.png' || substr($v, -4) == '.gif') {
- if (
- substr($v, -5) != '.jpeg' && // jpeg
- substr($v, -4) != '.jpg' && // jpg
- substr($v, -4) != '.png' && // png
- substr($v, -4) != '.gif' // gif
- ) {
- $ok = false;
- }
- }
- else {
- if (
- mime_content_type($v) != 'image/jpeg' && // jpg
- mime_content_type($v) != 'image/png' && // png
- mime_content_type($v) != 'image/gif' // gif
- ) {
- $ok = false;
- }
- }
- }
-
- return $ok;
- } catch (\Throwable $e) {
- Log::critical($e->getMessage());
- return false;
- }
+ return $this->imagememeorfile($value);
 });
 //// PDF
 Validator::extend('pdf_meme', function ($attribute, $value, $params, $validator) {
- try {
- if (substr($value, -4) != '.pdf') {
- return mime_content_type($value) == 'application/pdf';
- }
- else {
- return substr($value, -4) == '.pdf';
- }
- } catch (\Throwable $e) {
- Log::critical($e->getMessage());
- return false;
- }
+ return $this->pdfmeme($value);
 });
 $validate = Validator::make($r->all(), [
@@ -700,26 +651,9 @@ class MeetingsController extends Controller {
 }
 // ミームタイプ
- if (substr($r->pdf, -4) != '.pdf') {
- Validator::extend('pdf_meme', function ($attribute, $value, $params, $validator) {
- try {
- return mime_content_type($value) == 'application/pdf';
- } catch (\Throwable $e) {
- Log::critical($e->getMessage());
- return false;
- }
- });
- }
- else {
- Validator::extend('pdf_meme', function ($attribute, $value, $params, $validator) {
- try {
- return substr($value, -4) == '.pdf';
- } catch (\Throwable $e) {
- Log::critical($e->getMessage());
- return false;
- }
- });
- }
+ Validator::extend('pdf_meme', function ($attribute, $value, $params, $validator) {
+ return $this->pdfmeme($value);
+ });
 $validate = Validator::make($r->all(), [
 'title' => 'required|max:100',
diff --git a/backend/app/Http/Controllers/Controller.php b/backend/app/Http/Controllers/Controller.php
index c948e6ee..cfc024f8 100644
--- a/backend/app/Http/Controllers/Controller.php
+++ b/backend/app/Http/Controllers/Controller.php
@@ -6,6 +6,7 @@ use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
 use Illuminate\Foundation\Bus\DispatchesJobs;
 use Illuminate\Foundation\Validation\ValidatesRequests;
 use Illuminate\Routing\Controller as BaseController;
+use Illuminate\Support\Facades\Log;
 class Controller extends BaseController
 {
@@ -16,8 +17,7 @@ class Controller extends BaseController
 * @return string
 * @throws \Exception
 */
- public function uuidv4 () : string
- {
+ public function uuidv4 () : string {
 $chars = str_split('xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx');
 foreach ($chars as $i => $char) {
@@ -30,4 +30,101 @@ class Controller extends BaseController
 return implode('', $chars);
 }
+
+ public function telsize ($value) {
+ try {
+ return strlen((string)$value) == 10 || strlen((string)$value) == 11;
+ } catch (\Throwable $e) {
+ Log::critical($e->getMessage());
+ return false;
+ }
+ }
+
+ public function imagesize ($value) {
+ try {
+ return strlen($value) < env('PDF_MAX_SIZE');
+ } catch (\Throwable $e) {
+ Log::critical($e->getMessage());
+ return false;
+ }
+ }
+
+ public function imagesizecannull ($value) {
+ if (is_null($value)) return true;
+ return $this->imagesize($value);
+ }
+
+ public function imagememe ($value) {
+ try {
+ return (
+ mime_content_type($value) == 'image/jpeg' || // jpg
+ mime_content_type($value) == 'image/png' || // png
+ mime_content_type($value) == 'image/gif' // gif
+ );
+ } catch (\Throwable $e) {
+ Log::critical($e->getMessage());
+ return false;
+ }
+ }
+
+ public function imagememecannull ($value) {
+ if (is_null($value)) return true;
+ return $this->imagememe($value);
+ }
+
+ public function imagememeorfile ($value) {
+ try {
+ $ok = true;
+ foreach (json_decode($value) as $v) {
+ if (substr($v, -5) == '.jpeg' || substr($v, -4) == '.jpg' || substr($v, -4) == '.png' || substr($v, -4) == '.gif') {
+ if (
+ substr($v, -5) != '.jpeg' && // jpeg
+ substr($v, -4) != '.jpg' && // jpg
+ substr($v, -4) != '.png' && // png
+ substr($v, -4) != '.gif' // gif
+ ) {
+ $ok = false;
+ }
+ }
+ else {
+ $ok = $this->imagememe($v);
+ }
+ }
+
+ return $ok;
+ } catch (\Throwable $e) {
+ Log::critical($e->getMessage());
+ return false;
+ }
+ }
+
+ public function imagesizemulti ($value) {
+ try {
+ $ok = true;
+ foreach (json_decode($value) as $v) {
+ if (strlen(base64_decode($v)) > env('PDF_MAX_SIZE')) {
+ $ok = false;
+ }
+ }
+ return $ok;
+ } catch (\Throwable $e) {
+ Log::critical($e->getMessage());
+ return false;
+ }
+ }
+
+
+ public function pdfmeme ($value) {
+ try {
+ if (substr($value, -4) != '.pdf') {
+ return mime_content_type($value) == 'application/pdf';
+ }
+ else {
+ return substr($value, -4) == '.pdf';
+ }
+ } catch (\Throwable $e) {
+ Log::critical($e->getMessage());
+ return false;
+ }
+ }
 }
diff --git a/backend/database/migrations/2021_08_13_020003_create_email_activations_table.php b/backend/database/migrations/2021_08_13_020003_create_email_activations_table.php
index 7e66cb59..54b04c74 100644
--- a/backend/database/migrations/2021_08_13_020003_create_email_activations_table.php
+++ b/backend/database/migrations/2021_08_13_020003_create_email_activations_table.php
@@ -18,7 +18,7 @@ class CreateEmailActivationsTable extends Migration
 $table->unsignedTinyInteger('type');
 $table->unsignedBigInteger('father_id')->nullable();
 $table->string('email', 255)->unique();
- $table->string('token', 16);
+ $table->string('token', 64)->unique();
 $table->dateTime('ttl');
 $table->timestamps();
 });
diff --git a/backend/database/migrations/2021_08_13_050204_create_tel_activations_table.php b/backend/database/migrations/2021_08_13_050204_create_tel_activations_table.php
index 45bb45ef..6428ca31 100644
--- a/backend/database/migrations/2021_08_13_050204_create_tel_activations_table.php
+++ b/backend/database/migrations/2021_08_13_050204_create_tel_activations_table.php
@@ -19,7 +19,7 @@ class CreateTelActivationsTable extends Migration
 $table->unsignedBigInteger('child_id')->nullable();
 $table->foreign('child_id')->references('id')->on('children')->onDelete('cascade');
 $table->string('tel', 11)->unique();
- $table->string('token', 100);
+ $table->string('token', 100)->unique();
 $table->dateTime('ttl');
 $table->timestamps();
 });
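Review bot: `imagesize` measures `strlen($value)` on the raw request value, yet three of the `image_size` closures it replaces measured `strlen(base64_decode($value))` (ChildrenController @@ -386, FathersController @@ -309, MeetingImagesController @@ -22), so at those sites the limit now applies to the base64 text, roughly a third larger than the decoded image, and uploads that used to pass near the limit are rejected; the two `registerMain` sites kept the plain `strlen($value)` semantics through `imagesizecannull`, so either keep a decoding helper for the base64 sites or make all callers send the same representation. `imagememeorfile` (used by MeetingsController @@ -27) also regresses the loop it replaces: `$ok = $this->imagememe($v);` overwrites a `false` set by an earlier element, so a list whose last entry is a valid image validates even when an earlier one is not; write `if (!$this->imagememe($v)) { $ok = false; }`. In the same loop the extension branch can never set `$ok = false`, its inner condition being the negation of the outer one, so an entry named `.jpeg`/`.jpg`/`.png`/`.gif` is accepted on its name alone, and the `.pdf` branch of `pdfmeme` accepts on the name in the same way. Finally, `env('PDF_MAX_SIZE')` read at request time returns null once Laravel's configuration cache is built (unless the variable is also set in the real process environment), which makes `strlen(...) < null` false for every input, so the limit belongs in a config file read through `config()`.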
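Review bot: Widening `token` to 64 chars with `unique()` by editing 2021_08_13_020003_create_email_activations_table.php only affects databases that run the migration fresh; an environment that already applied it keeps the 16-char, non-unique column, which cannot hold the 48-character `bin2hex(random_bytes(24))` token the controllers now generate. The same applies to the `unique()` added in 2021_08_13_050204_create_tel_activations_table.php. If any deployment has already run these, a new migration that alters the columns (`$table->string('token', 64)->unique()->change();`) is needed rather than the in-place edit.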